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1 This action is in response to the communication filed on 9/28/2009. 

2 DETAILED ACTION 

3 Response to Arguments 

4 Applicant's arguments do not comply with 37 CFR 1 . 1 1 1 (c) because they do not clearly 



5 point out the patentable novelty which he or she thinks the claims present in view of the state of 

6 the art disclosed by the references cited or the objections made. Further, they do not show how 

7 the amendments avoid such references or objections. As such, the examiner does not find the 

8 arguments persuasive. 



9 All objections and rejections not set forth below have been withdrawn. 

10 Claims 1-8, 10-56 have been examined. 

1 1 Claim Rejections - 35 USC § 103 

12 The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 

13 obviousness rejections set forth in this Office action: 

14 A patent may not be obtained though the invention is not identically disclosed or 

15 described as set forth in section 102 of this title, if the differences between the subject matter 

16 sought to be patented and the prior art are such that the subject matter as a whole would have 

17 been obvious at the time the invention was made to a person having ordinary skill in the art to 

18 which said subject matter pertains. Patentability shall not be negatived by the manner in which 

19 the invention was made. 
20 

21 Claims 10, 18-19, 24-43, and 48-56 are rejected under 35 U.S.C. 103(a) as being 

22 unpatentable over Forslow, and further in view of Hansen (IPsec and Mobile-IP in Mobile Ad 

23 Hoc Networking). 



24 
25 
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1 

2 Claims 1-8, and 10-56 are rejected under 35 U.S.C. 102(e) as being anticipated by 

3 Forslow (US Patent Application Publication 2002/0 1 33534). 

4 Regarding claim 1, Forslow disclosed a gateway (Forslow Fig. 1 Element 1) for 

5 connecting an external portion of a network (Forslow Fig. 1 Elements 8a and 8b) to an internal 

6 secured portion of the network (Forslow Fig. 1 Elements 12a and 6c and 6d) wherein the 

7 gateway is arranged to identify automatically when a communication session exists between two 

8 mobile workstations both of which are connected in the external portion of the network by 

9 detecting a packet sent from one of the two mobile workstations to the other one of the two 

10 mobile workstations, said gateway further configured to inform a virtual network connectivity 

1 1 manager of the detected communication session between the two mobile workstations so as to 

12 enable said virtual network connectivity manager to send first security information to the first 

13 mobile workstation and second security information to the second mobile workstation using a 

14 secure communication, where the first mobile workstation uses the first security information and 

15 the second mobile workstation uses the second security information to enable a second secure 

16 communication by which further information is transferable security between the first mobile 

1 7 workstation and the second mobile workstation (Forslow Paragraphs 0 1 05-0 1 1 0), but Forslow 

1 8 did not disclose the transfer between the first mobile workstation and the second mobile 

19 workstation occurring without passing through the internal secured portion of the network. 

20 Hansen, in an analogous art, teaches that IPv6 Mobile IP provides support the mobile 

21 node to generate its own care-of address and to capsulate/decapsulate the traffic it sends/receives, 

22 thereby allowing for traffic to bypass the home agent and instead traffic can be sent directly from 
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1 the communicating node to the mobile node and the mobile node can respond directly to the 

2 correspondent node (Hansen Sections 3, and 4.2-4.3). 

3 It would have been obvious to the ordinary person skilled in the art at the time of 

4 invention to have employed the teachings of Hansen in the virtual private networking system of 

5 Forslow by providing having the home agent provide the mobile nodes with each others public 

6 addresses, and having the mobile nodes tunnel traffic directly between one another rather than 

7 through the home agent. This would have been obvious because the ordinary person skilled in 

8 the art would have been motivated to optimize the routing of the traffic. 
9 

10 Regarding claim 12, Forslow disclosed a network including an internal secured portion 

1 1 (Forslow Fig. 1 Elements 12a and 6c and 6d) which connects, via a gateway (Forslow Fig. 1 

12 Element 1) to an external portion (Forslow Fig. 1 Elements 8a and 8b), the network comprising a 

13 plurality of workstations including mobile workstations (Forslow Fig. 1 Elements 3a and 3b); the 

14 gateway and secure communication means by which information is transferable securely to a 

1 5 first mobile workstation in the external portion of the network via the gateway and by which 

16 information is transferable securely to a second mobile workstation in the external portion of the 

17 network via the gateway (Forslow Paragraphs 0105-01 10); and a virtual network connectivity 

1 8 manager configured to send first security information to the first mobile workstation and second 

19 security information to the second mobile workstation using a secure communication, where the 

20 first mobile workstation uses the first security information and the second mobile workstation 

21 uses the second security information to enable a second secure communication by which further 

22 information is transferable security between the first mobile workstation and the second mobile 
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1 workstation (Forslow Paragraphs 0105-01 10), but Forslow did not disclose the transfer between 

2 the first mobile workstation and the second mobile workstation occurring without passing 

3 through the internal secured portion of the network. 

4 Hansen, in an analogous art, teaches that IPv6 Mobile IP provides support the mobile 

5 node to generate its own care-of address and to capsulate/decapsulate the traffic it sends/receives, 

6 thereby allowing for traffic to bypass the home agent and instead traffic can be sent directly from 

7 the communicating node to the mobile node and the mobile node can respond directly to the 

8 correspondent node (Hansen Sections 3, and 4.2-4.3). 

9 It would have been obvious to the ordinary person skilled in the art at the time of 

10 invention to have employed the teachings of Hansen in the virtual private networking system of 

1 1 Forslow by providing having the home agent provide the mobile nodes with each others public 

12 addresses, and having the mobile nodes tunnel traffic directly between one another rather than 

13 through the home agent. This would have been obvious because the ordinary person skilled in 

14 the art would have been motivated to optimize the routing of the traffic. 
15 

16 Regarding claim 21, Forslow disclosed a method of securely routing communications 

17 between a first mobile node (3a) and a second mobile node (3b) of a network including an 

18 internal secured portion (Forslow Fig. 1 Elements 12a and 6c and 6d) which connects, via a 

19 gateway (Forslow Fig. 1 Element 1) to an external portion (Forslow Fig. 1 Elements 8a and 8b), 

20 comprising the steps of: maintaining a secure communication means by which information is 

21 transferable securely to a first mobile node in the external portion of the network via the gateway 

22 and by which information is transferable securely to a second mobile node in the external portion 
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1 of the network via the gateway (Forslow Paragraphs 0105-01 10); sending from a virtual 

2 connectivity manager first security information to the first mobile workstation and second 

3 security information to the second mobile workstation using a secure communication, where the 

4 first mobile workstation uses the first security information and the second mobile workstation 

5 uses the second security information to enable a second secure communication by which further 

6 information is transferable security between the first mobile workstation and the second mobile 

7 workstation (Forslow Paragraphs 0105-01 10); but Forslow did not disclose the transfer between 

8 the first mobile workstation and the second mobile workstation occurring without passing 

9 through the internal secured portion of the network. 

10 Hansen, in an analogous art, teaches that IPv6 Mobile IP provides support the mobile 

1 1 node to generate its own care-of address and to capsulate/decapsulate the traffic it sends/receives, 

12 thereby allowing for traffic to bypass the home agent and instead traffic can be sent directly from 

13 the communicating node to the mobile node and the mobile node can respond directly to the 

14 correspondent node (Hansen Sections 3, and 4.2-4.3). 

15 It would have been obvious to the ordinary person skilled in the art at the time of 

16 invention to have employed the teachings of Hansen in the virtual private networking system of 

17 Forslow by providing having the home agent provide the mobile nodes with each others public 

1 8 addresses, and having the mobile nodes tunnel traffic directly between one another rather than 

19 through the home agent. This would have been obvious because the ordinary person skilled in 

20 the art would have been motivated to optimize the routing of the traffic. 

21 Regarding claim 23, Forslow disclosed a mobile workstation (3 a) for connecting to an 

22 external portion of a network (Forslow Fig. 1 Elements 8a and 8b) that includes an internal 
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1 secured portion (Forslow Fig. 1 Elements 12a and 6c and 6d) connected, via a gateway (Forslow 

2 Fig. 1 Element l)to the external portion, comprising: means for using a secure communication 

3 means by which information is transferable securely from the internal portion of the network to 

4 the mobile workstation via the gateway (Forslow Paragraphs 0 1 05-0 1 1 0); means arranged to 

5 receive, via the first secure communication means, an identifier of another mobile workstation 

6 also connected to the external portion of the network (Forslow Paragraphs 0105-01 10); and 

7 means for including the identifier of the other mobile workstation as an address in a packet for 

8 transmission to the other mobile workstation (Forslow Paragraphs 0 1 05-0 1 1 0), said receiving 

9 means arranged to receive, from a virtual network connectivity manager, first security 

10 information using said secure communication means by which further information is transferable 

1 1 securely between the mobile workstation and the another mobile workstation (Forslow 

12 Paragraphs 0105-01 10), but Forslow did not disclose the transfer between the first mobile 

13 workstation and the second mobile workstation occurring without passing through the internal 

14 secured portion of the network. 

15 Hansen, in an analogous art, teaches that IPv6 Mobile IP provides support the mobile 

16 node to generate its own care-of address and to capsulate/decapsulate the traffic it sends/receives, 

17 thereby allowing for traffic to bypass the home agent and instead traffic can be sent directly from 

1 8 the communicating node to the mobile node and the mobile node can respond directly to the 

19 correspondent node (Hansen Sections 3, and 4.2-4.3). 

20 It would have been obvious to the ordinary person skilled in the art at the time of 

21 invention to have employed the teachings of Hansen in the virtual private networking system of 

22 Forslow by providing having the home agent provide the mobile nodes with each others public 
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1 addresses, and having the mobile nodes tunnel traffic directly between one another rather than 

2 through the home agent. This would have been obvious because the ordinary person skilled in 

3 the art would have been motivated to optimize the routing of the traffic. 

4 Regarding claim 24, 10, and 18-19, Forslow taught a virtual private network including an 

5 internal secured portion (Forslow Fig. 1 Elements 12a and 6c and 6d) which connects, via a 

6 gateway (Forslow Fig. 1 Element 1) to an external portion (Forslow Fig. 1 Elements 8a and 8b), 

7 the network being arranged to communicate within the internal portion of the network using 

8 private addresses and comprising: a plurality of workstations including mobile workstations 

9 (Forslow Fig. 1 Elements 3a and 3b); the gateway; first secure communication means by which 

10 information is transferable securely to a first mobile workstation connected at the external 

1 1 portion of the network via the gateway and by which information is transferable securely to a 

12 second mobile workstation connected at the external portion of the network via the gateway 

1 3 (Forslow Paragraphs 0105-011 0); and virtual network connectivity manager means for sending 

14 first security information to the first mobile workstation and second security information to the 

15 second mobile workstation using the first secure communication means (Forslow Paragraphs 

16 0105-01 10), wherein the first mobile workstation uses the first security information and the 

17 second mobile workstation uses the second security information to enable a second secure 

1 8 communication means by which further information is transferable securely between the first 

19 mobile workstation and the second mobile workstation (Forslow Paragraphs 0105-01 10), but 

20 Forslow did not disclose the transfer between the first mobile workstation and the second mobile 

2 1 workstation occurring without passing through the internal secured portion of the network. 
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1 Hansen, in an analogous art, teaches that IPv6 Mobile IP provides support the mobile 

2 node to generate its own care-of address and to capsulate/decapsulate the traffic it sends/receives, 

3 thereby allowing for traffic to bypass the home agent and instead traffic can be sent directly from 

4 the communicating node to the mobile node and the mobile node can respond directly to the 

5 correspondent node (Hansen Sections 3, and 4.2-4.3). 

6 It would have been obvious to the ordinary person skilled in the art at the time of 

7 invention to have employed the teachings of Hansen in the virtual private networking system of 

8 Forslow by providing having the home agent provide the mobile nodes with each others public 

9 addresses, and having the mobile nodes tunnel traffic directly between one another rather than 

10 through the home agent. This would have been obvious because the ordinary person skilled in 

1 1 the art would have been motivated to optimize the routing of the traffic. 

12 Regarding claim 43, Forslow taught a method of securing communications between a 

13 first mobile node and a second mobile node of a virtual private network including an internal 

14 secured portion which connects, via a gateway to an external portion, comprising the steps of: 

15 communicating within the internal portion of the network using private addresses (Forslow 

16 Paragraphs 0105-01 10); maintaining a first secure communication means by which information 

17 is transferable securely to the first mobile node in the external portion of the network via the 

1 8 gateway and by which information is transferable securely to a second mobile node in the 

19 external portion of the network via the gateway (Forslow Paragraphs 0105-01 10); sending first 

20 security information to the first mobile node using the first secure communication means 

2 1 (Forslow Paragraphs 0 1 05-0 1 1 0); sending second security information to the second mobile 

22 node using the first secure communication means (Forslow Paragraphs 0105-01 10); creating a 
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1 second secure communication means in the first mobile node, using the first security information 

2 in the first mobile node and the second security information in the second mobile node; and 

3 using the second secure communication means, and for transferring further information between 

4 the first and second mobile nodes while they both remain in the external portion of the network 

5 (Forslow Paragraphs 0105-01 10), the gateway is arranged to identify automatically when a 

6 communication session exists between the two mobile nodes by detecting a packet sent from one 

7 of the two mobile nodes to the other one of the two mobile nodes, and where a virtual network 

8 connectivity manager means is configured to send the first security information to the first 

9 mobile node and the second security information to the second mobile node using the first secure 

10 communication means, where the further information is transferable security between the first 

1 1 mobile node and the second mobile node (Forslow Paragraphs 0105-01 10), but Forslow failed to 

12 teach not using the first secure communication means (i.e. the first and second communication 

13 means are different), for transferring further information between the first and second mobile 

14 nodes while they both remain in the external portion of the network, or that the transfer between 

15 the first mobile node and the second mobile node occurring without passing through the internal 

1 6 secured portion of the network. . 

17 Hansen, in an analogous art, teaches that IPv6 Mobile IP provides support the mobile 

18 node to generate its own care-of address and to capsulate/decapsulate the traffic it sends/receives, 

19 thereby allowing for traffic to bypass the home agent and instead traffic can be sent directly from 

20 the communicating node to the mobile node and the mobile node can respond directly to the 

21 correspondent node (Hansen Sections 3, and 4.2-4.3). 



Application/Control Number: 10/531 ,653 Page 1 1 

Art Unit: 2431 

1 It would have been obvious to the ordinary person skilled in the art at the time of 

2 invention to have employed the teachings of Hansen in the virtual private networking system of 

3 Forslow by providing having the home agent provide the mobile nodes with each others public 

4 addresses, and having the mobile nodes tunnel traffic directly between one another rather than 

5 through the home agent. This would have been obvious because the ordinary person skilled in 

6 the art would have been motivated to optimize the routing of the traffic. 

7 Regarding claim 44, Forslow disclosed a mobile workstation for connecting to a virtual 

8 private network that includes an internal secured portion (Forslow Fig. 1 Elements 8a and 8b) 

9 connected, via a gateway (Forslow Fig. 1 Element 1 ) to the external portion (Forslow Fig. 1 

10 Elements 8a and 8b), and for communicating while in the internal portion using packet addresses 

1 1 which are private to the network, the mobile workstation comprising: means for using a first 

12 secure communication means by which packets addressed to the private address of the mobile 

13 workstation are transferable securely from the internal portion of the network to the mobile 

14 workstation via the gateway (Forslow Paragraphs 0105-01 10); means arranged to receive, via the 

15 first secure communication means, first security information for enabling a second secure 

16 communication means (Forslow Paragraphs 0105-01 10); and means for using the enabled second 

17 secure communication means to securely receive further packets, addressed to a public address 

18 of the mobile workstation, from another mobile workstation also in the external portion of the 

19 network (Forslow Paragraphs 0105-01 10), said receiving means arranged to receive, from a 

20 virtual network connectivity manager, the first security information using said first secure 

2 1 communication means by which further packets are transferable securely between the mobile 

22 workstation and the another mobile workstation (Forslow Paragraphs 0 1 05-0 1 1 0), but Forslow 
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1 did not disclose the transfer between the first mobile workstation and the second mobile 

2 workstation occurring without passing through the internal secured portion of the network. 

3 Hansen, in an analogous art, teaches that IPv6 Mobile IP provides support the mobile 

4 node to generate its own care-of address and to capsulate/decapsulate the traffic it sends/receives, 

5 thereby allowing for traffic to bypass the home agent and instead traffic can be sent directly from 

6 the communicating node to the mobile node and the mobile node can respond directly to the 

7 correspondent node (Hansen Sections 3, and 4.2-4.3). 

8 It would have been obvious to the ordinary person skilled in the art at the time of 

9 invention to have employed the teachings of Hansen in the virtual private networking system of 

10 Forslow by providing having the home agent provide the mobile nodes with each others public 

1 1 addresses, and having the mobile nodes tunnel traffic directly between one another rather than 

12 through the home agent. This would have been obvious because the ordinary person skilled in 

13 the art would have been motivated to optimize the routing of the traffic. 

14 Regarding claim 48, Forslow taught a virtual private network including an internal 

15 secured portion which connects, via a gateway to an external portion, the network being arranged 

16 to communicate within the internal portion of the network using private addresses and 

17 comprising: a plurality of workstations including mobile workstations; the gateway; means for 

1 8 dynamically updating an identifier of the first mobile workstation as it moves within the external 

19 portion of the network; means for communicating the updated identifier of the first mobile 

20 workstation to the second mobile workstation; and means for sending packets from the second 

2 1 mobile workstation to the first mobile workstation using a secure communication means, 

22 wherein the packets are addressed using the updated identifier of the first mobile workstation 
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1 (Forslow Paragraphs 0105-01 10), where the gateway is arranged to identify automatically when 

2 a communication session exists between the first and second mobile workstations by detecting a 

3 packet sent from one of the two mobile workstations to the other one of the two mobile 

4 workstations, and where a virtual network connectivity manager means is configured to securely 

5 send security information to the first mobile workstation the second mobile workstation, and 

6 where packets are transferable security between the first workstation node and the second mobile 

7 workstation through said secure communication means (Forslow Paragraphs 0105-01 10),, but 

8 Forslow failed to teach secure communication means by which information is transferable 

9 securely, without passing through the gateway, between a first mobile workstation connected to 

10 the external portion of the network and a second mobile workstation connected to the external 

1 1 portion of the network. 

12 Hansen, in an analogous art, teaches that IPv6 Mobile IP provides support the mobile 

13 node to generate its own care-of address and to capsulate/decapsulate the traffic it sends/receives, 

14 thereby allowing for traffic to bypass the home agent and instead traffic can be sent directly from 

15 the communicating node to the mobile node and the mobile node can respond directly to the 

16 correspondent node (Hansen Sections 3, and 4.2-4.3). 

17 It would have been obvious to the ordinary person skilled in the art at the time of 

1 8 invention to have employed the teachings of Hansen in the virtual private networking system of 

19 Forslow by providing having the home agent provide the mobile nodes with each others public 

20 addresses, and having the mobile nodes tunnel traffic directly between one another rather than 

21 through the home agent. This would have been obvious because the ordinary person skilled in 

22 the art would have been motivated to optimize the routing of the traffic. 
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1 Regarding claim 53, Forslow taught a method of optimizing the routing of secure 

2 communications between a first mobile node and a second mobile node of a network including 

3 an internal secured portion which connects, via a gateway to an external portion, comprising the 

4 steps of: communicating within the internal portion of the network using private addresses; 

5 moving the first mobile node within the external portion of the network; modifying an identifier 

6 of the first mobile node in response to its movement; communicating the modified identifier of 

7 the first mobile node to the second mobile node (Forslow Paragraphs 0105-01 10), where the 

8 gateway is arranged to identify automatically when a communication session exists between the 

9 first and second mobile nodes by detecting a packet sent from one of the two mobile nodes to the 

10 other one of the two mobile nodes, and where a virtual network connectivity manager is 

1 1 configured to securely send security information to the first mobile node and to the second 

12 mobile node, and where the packet is sent securely from the second mobile node for reception by 

13 the first mobile node using said secure communication means (Forslow Paragraphs 0105-01 10), 

14 but Forslow failed to specifically teach creating a secure communication means by which 

15 information is transferable securely, without passing through the gateway, between a first mobile 

16 node of the external portion of the network and a second mobile node of the external portion of 

17 the network, and sending a packet from the second mobile node for reception by the first mobile 

1 8 node, after addressing it using the updated identifier of the first mobile and securing it using the 

19 secure communication means. 

20 Hansen, in an analogous art, teaches that IPv6 Mobile IP provides support the mobile 

21 node to generate its own care-of address and to capsulate/decapsulate the traffic it sends/receives, 

22 thereby allowing for traffic to bypass the home agent and instead traffic can be sent directly from 
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1 the communicating node to the mobile node and the mobile node can respond directly to the 

2 correspondent node (Hansen Sections 3, and 4.2-4.3). 

3 It would have been obvious to the ordinary person skilled in the art at the time of 

4 invention to have employed the teachings of Hansen in the virtual private networking system of 

5 Forslow by providing having the home agent provide the mobile nodes with each others public 

6 addresses, and having the mobile nodes tunnel traffic directly between one another rather than 

7 through the home agent. This would have been obvious because the ordinary person skilled in 

8 the art would have been motivated to optimize the routing of the traffic. 

9 Regarding claim 54, Forslow taught a mobile workstation for connecting to an external 

10 portion of a network that includes an internal secured portion connected, via a gateway to the 

1 1 external portion, comprising: means for communicating using private addresses when in the 

12 internal portion of the network; means for receiving an identifier of the other mobile workstation; 

13 and means for sending packets, when in the external portion of the network, to the other mobile 

14 workstation using a secure communication means and the received identifier, where said 

15 receiving means is arranged to securely receive, from a virtual network connectivity manager, 

16 the identifier such that the packets are sent securely between the mobile workstations (Forslow 

17 Paragraphs 0105-01 10), but failed to specifically teach means for enabling and using a secure 

1 8 communication means by which information is transferable securely from the mobile 

19 workstation, when in the external portion of the network, to another mobile workstation 

20 connected to the external portion of the network without passing through the gateway. 

21 Hansen, in an analogous art, teaches that IPv6 Mobile IP provides support the mobile 

22 node to generate its own care-of address and to capsulate/decapsulate the traffic it sends/receives, 
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1 thereby allowing for traffic to bypass the home agent and instead traffic can be sent directly from 

2 the communicating node to the mobile node and the mobile node can respond directly to the 

3 correspondent node (Hansen Sections 3, and 4.2-4.3). 

4 It would have been obvious to the ordinary person skilled in the art at the time of 

5 invention to have employed the teachings of Hansen in the virtual private networking system of 

6 Forslow by providing having the home agent provide the mobile nodes with each others public 

7 addresses, and having the mobile nodes tunnel traffic directly between one another rather than 

8 through the home agent. This would have been obvious because the ordinary person skilled in 

9 the art would have been motivated to optimize the routing of the traffic. 
10 



1 1 Regarding claim 2, Forslow and Hansen disclosed monitoring the source and destination 

12 of received packets (Forslow Paragraphs 0105-01 10). 

13 Regarding claim 3, Forslow and Hansen disclosed having secure communication means 

14 by which information is transferable securely to the two mobile workstations separately (Forslow 

15 Paragraphs 0105-01 10). 

16 Regarding claims 4, 16, Forslow and Hansen disclosed that the secure communication 

17 means includes a first Security Association with a first mobile workstation and a second Security 

18 Association with a second mobile workstation (Forslow Paragraphs 0105-01 10 and 0114). 

19 Regarding claims 5-6, and 14 Forslow and Hansen disclosed that the gateway is arranged 

20 to send, using the secure communication means, an identifier of a second mobile workstation to a 

2 1 first mobile workstation for use as an address in a packet originating from the first mobile 

22 workstation and destined for the second mobile workstation (Forslow Paragraphs 0 1 05-0 1 1 0), 
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1 and the identifier of the second mobile workstation is a Home Address (Forslow Paragraphs 

2 0105-0110). 

3 Regarding claims 7-8, Forslow and Hansen disclosed that the gateway is arranged to 

4 send, using the secure communication means, an identifier of the first mobile workstation to the 

5 second mobile workstation for use as an address in a packet originating from the second mobile 

6 workstation and destined for the first mobile workstation (Forslow Paragraphs 0105-01 10), and 

7 the identifier of the first mobile workstation is a Home Address (Forslow Paragraphs 0105- 

8 0110). 

9 Regarding claim 1 1 , Forslow and Hansen disclosed that the gateway is further arranged 

10 to identify automatically when a mobile workstation moves between the internal and the external 

1 1 portions of the network (Forslow Paragraph 0135). 

12 Regarding claim 13, Forslow and Hansen disclosed that the information transfer means is 

13 further arranged to send, using the secure communication means, an identifier of the first mobile 

14 workstation to the second mobile workstation for use as an address in a packet originating from 

15 the second mobile workstation and destined for the first mobile workstation, and an identifier of 

16 the second mobile workstation to the first mobile workstation for use as an address in a packet 

17 originating from the first mobile workstation and destined for the second mobile workstation 

18 (Forslow Paragraphs 0105-01 10). 

19 Regarding claim 15, Forslow and Hansen disclosed that the secure communication means 

20 provides an encrypted communications channel to the first mobile workstation and an encrypted 

2 1 communications channel to the second mobile workstation (Forslow Paragraphs 0105-0110). 
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1 Regarding claim 17, Forslow and Hansen disclosed that the gateway is arranged to detect 

2 a communications session between two mobile workstations which are connected at the external 

3 portion of the network (Forslow Paragraphs 0 1 05-0 1 1 0). 

4 Regarding claim 20, Forslow and Hansen disclosed that the network is arranged to use 

5 private addresses to communicate within the internal portion of the network and the identifier of 

6 the second workstation is a public address (Forslow Paragraphs 0 1 05-0 1 1 0). 

7 Regarding claim 22, Forslow and Hansen disclosed the steps of: sending an identifier of 



8 the first mobile node to the second mobile node using the secure communication means and 

9 sending an identifier of the second mobile node to the first mobile node using the secure 

10 communication means; and addressing a packet sent from the first mobile node to the second 

1 1 mobile node using the identifier of the second mobile node and routing the packet, using the 

12 identifier of the second mobile node (Forslow Paragraphs 0105-01 10); and addressing a packet 

13 sent from the second mobile node to the first mobile node using the identifier of the first mobile 

14 node and routing the packet from the second mobile node to the first mobile node (Forslow 

15 Paragraphs 0105-01 10). 



16 Regarding claim 25, Forslow and Hansen taught that the further information is 

17 transferable in packets using public addresses (Hansen Section 3.3). 

18 Regarding claim 26, Forslow and Hansen taught that the first secure communication 

19 means provides an encrypted communications channel to the first mobile workstation and an 

20 encrypted communications channel to the second mobile workstation (Forslow Paragraphs 0105- 

21 0110). 
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1 Regarding claims 27-30, Forslow and Hansen taught that the first secure communication 

2 means comprises a first Security Association and a second Security Association, wherein the first 

3 Security Association is from the gateway to the first mobile workstation and the second Security 

4 Association is from the gateway to the second mobile workstation, wherein the first Security 

5 Association is from the internal portion of the network to the first mobile workstation and the 

6 second Security Association is from the internal portion of the network to the second mobile 

7 workstation, and wherein communications using the first and second Security Associations use 

8 addresses which are private (Forslow Paragraphs 0105-0110). 

9 Regarding claims 31-32, and 50, Forslow and Hansen taught that the second secure 

10 communication means provides encrypted communications channels between the first and 

1 1 second mobile workstations, and that the first and second security information define the 

12 encryption/decryption of the encrypted communications channels (Hansen Section 2 and Forslow 

13 Paragraphs 0105-01 10). 

14 Regarding claims 33-34, Forslow and Hansen taught that the second secure 

15 communication means comprises at least a third Security Association from the first mobile 

16 workstation to the second mobile workstation, and wherein first and second security information 

1 7 defines at least the third Security Association (Forslow Paragraphs 0 1 05-0 1 1 0). 

18 Regarding claim 35, Forslow and Hansen taught that at least a portion of the first security 

19 information and at least a portion of the second security information are created within the 

20 internal portion of the network (Forslow Paragraphs 0105-0110). 
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1 Regarding claim 36, Forslow and Hansen taught that the gateway is arranged to detect a 

2 communications session between two mobile workstations which are connected at the external 

3 portion of the network (Forslow Paragraphs 0 1 05-0 1 1 0). 

4 Regarding claims 37, and 52, Forslow and Hansen taught that the second secure 

5 communication means is enabled by the adaptation of databases in the first and second mobile 

6 workstations (Hansen Section 4.2-4.3). 

7 Regarding claims 38-40, and 55-56, Forslow and Hansen taught information transfer 

8 means arranged to send, using the first secure communication means, an identifier of the second 

9 mobile workstation to the first mobile workstation for use as an address in a packet originating 

10 from the first mobile workstation and destined for the second mobile workstation, the identifier 

11 of the second mobile workstation is a Home Address, and the identifier of the second mobile 

12 workstation is a public address (Hansen Section 4.2-4.3 and Forslow Paragraphs 0105-01 10). 

13 Regarding claims 41-42, and 49, Forslow and Hansen taught means for dynamically 

14 updating an identifier of the first mobile workstation as it moves within the external portion of 

15 the network; means for communicating the updated identifier of the first mobile workstation to 

16 the second mobile workstation; and means for sending packets from the second mobile 

17 workstation to the first mobile workstation using the second secure communication means, 

1 8 wherein the packets are addressed using the updated identifier of the first mobile workstation, 

19 and wherein the updated identifier is a Care-of-Address (Hansen Section 4.2-4.3 and Forslow 

20 Paragraphs 0105-01 10). 
21 
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1 Regarding claims 45-47, Forslow and Hansen disclosed a database and means for 

2 modifying the database in response to the received first security information, wherein the 

3 database includes a Security Association Database (SAD) which is modified to include a new 

4 Security Association, wherein the database includes a Security Policy database which is 

5 modified so that packets for the other mobile workstation use the new Security Association 

6 (Forslow Paragraphs 0 1 1 4, and 0 1 67). 

7 Regarding claim 51, Forslow and Hansen taught that the secure communication means 

8 comprises a Security Association from the first mobile workstation to the second mobile 

9 workstation and a Security Association from the second mobile workstation to the first mobile 
1 0 workstation (Forslow Paragraphs 0105-011 0). 

1 1 
12 



13 Conclusion 

14 Claims 1-8, and 10-56 have been rejected. 

15 The prior art made of record and not relied upon is considered pertinent to applicant's 

16 disclosure. 

17 THIS ACTION IS MADE FINAL. Applicant is reminded of the extension of time 

18 policy as set forth in 37 CFR 1.136(a). 

19 A shortened statutory period for reply to this final action is set to expire THREE 

20 MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 

21 MONTHS of the mailing date of this final action and the advisory action is not mailed until after 

22 the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
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1 will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 

2 CFR 1 .136(a) will be calculated from the mailing date of the advisory action. In no event, 

3 however, will the statutory period for reply expire later than SIX MONTHS from the mailing 

4 date of this final action. 

5 Any inquiry concerning this communication or earlier communications from the 

6 examiner should be directed to MATTHEW T. HENNING whose telephone number is 

7 (571)272-3790. The examiner can normally be reached on M-F 8-4. 

8 If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

9 supervisor, William Korzuch can be reached on (57 1 )272-7589. The fax phone number for the 

10 organization where this application or proceeding is assigned is 571-273-8300. 

1 1 Information regarding the status of an application may be obtained from the Patent 

12 Application Information Retrieval (PAIR) system. Status information for published applications 

13 may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 

14 applications is available through Private PAIR only. For more information about the PAIR 

15 system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 

16 system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 

17 like assistance from a USPTO Customer Service Representative or access to the automated 

18 information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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Primary Examiner, Art Unit 2431 



